Rails 3, How to split actions on the same controller between two devise accounts?

How can I split actions between two devise accounts ? so that each account can view only specific set of actions on the same controller ?

Is there an easy way to redirect the wrong account to a specific view ?

Here is my scenario:

I have created two accounts types:

  • Instructor
  • Student

There is a controller which both accounts types can visit specific actions on it:

class CoursesController < ApplicationController # instructors are allowed to view all action's views, except :browse_courses, :register_course before_filter :authenticate_instructor!, :except => [:browse_courses, :register_course] # students are allowed to view only :browse_courses, :register_course before_filter :authenticate_student!, :only => [:browse_courses, :register_course]

...

but, strangely, some times, when I visit the edit action at the controller above using instructor account, devise will ask for student authentication, and the edit view won't be rendered, although instructor is able to view the edit

Notice that before_filter :authenticate_student! states that :only => [:browse_courses, :register_course] shall be authenticated for student account, so, why edit action gets authenticated too for student ? ( it will show student sign in view )

Is the code above the right way ? or there is a better approach for this problem ?

--------------Solutions-------------

Devise is an authentication tool. Don't try to implement authorization with it.

Let Devise identify your users, and use something else to handle their privileges. I, personally, like CanCan by Ryan Bates.

With it, your controller would look like this:

class CoursesController < ApplicationController
def browse_courses
authorize! :show, Course # throws exception if not authorized

# proceed here
end

def register_course
authorize! :register, Course

# proceed here
end
end

CanCan has pretty easy and powerful way of defining who can do what. Read this: Defining Abilities.

Category:ruby on rails 3 Time:2012-03-04 Views:2

Related post

  • Rails: Pass parameters with render :action? 2009-10-10

    I have a form that displays differently depending on the parameter it was called with. Ex. testsite.local/users/new?type=client So if type was a or b, the form would display different fields. My problem is when the form is filled out incorrectly, bec

  • ruby on rails form not doing correct action 2009-11-10

    I'm trying to edit a form, the route is controller/id/action for edit so for example people/124321/edit I'm trying to make this form submit to the update action using this code: <% form_for :probe, @probe, :action => "update" do |f| %> ... .

  • Rails routes, problem with custom :action not being recognized, always 'show' 2010-06-28

    I'm trying to 'manage' users, instead of 'new' and 'show' users via actions. The problem is somewhere in routes I suspect, as my link '/users/manage' is being received as an id parameter to 'show' action: Terminal log of process: Processing UsersCont

  • Rails 3 Form For Custom Action 2011-01-15

    I'm having trouble routing a form to a custom action in Rails 3. Here are my routes: resources :photos do resources :comments collection do get 'update_states' end member do put 'upload' end end Here's the form_for: form_for @photo, :remote => tru

  • Ruby on rails - Pass text_field's value in form to a parameter for an action in a different controller 2011-03-12

    I have a form which has this text field <%= f.text_field :content %> I have a link_to tag to post the value of the text field to an action present in another controller. I need to be able to get the value of the text field and say <%= link_t

  • Rails 3: Links that Call Actions but Don't Leave/Refresh the Current Page? 2011-10-30

    Is there a way in Rails 3 to call an action (to play around with a database) without refreshing or running the action then redirecting to the current page? I tried messing with :remote => true in link_to, but it doesn't work for me. Or maybe I mis

  • Android Split Action Bar with Action Items on the top and bottom? 2011-12-20

    Is there a way to specify some action items to the top part of the Split Action Bar while the others go to the bottom? Or is it all or nothing, whereby all the action items go to the bottom part of the split only? --------------Solutions-------------

  • split action bar doesn't appear? 2012-01-15

    i want to make action bar top and down in android 4.03 make code but when i run it it doesn't appear , i don't know what is wrong , i search for reson before asking here but i didn't find anything here is menu/style.xml code: <menu xmlns:android="

  • in ruby on rails, how to call a action in ApplicationController? 2010-04-14

    I am new to Ruby and RoR. I am not really understand how the controllers work. I have an action in ApplicationController def some_checking ... end And I would like to call the action some_checking in another controller class OtherController < Appl

  • Rails - Ajax call renders my action and the parent page 2011-12-03

    in the new action of my contracts controller, I have an ajax link to a non RESTful action <%= link_to "Select negotiation", negotiations_list_negotiations_path(:user_id => current_user), {:remote => true, :id => 'related_negotiation_add_l

  • Add action to scaffold generated controller 2011-04-12

    I have created model, view and controller: $ rails generate scaffold Post name:string title:string content:text Then I have added the method on Post controller: def fill_default_data Post.fill_default_data end But when I have open http://localhost:30

  • Routing more than one action to the same controller and action 2011-07-09

    I am trying to get something like this working on my Rails app: match '/:language', :to => 'posts#search_result' match '/:tag', :to => 'posts#search_result' match '/:language/:tag', :to => 'posts#search_result' I am using this search_result

  • Apply an action filter to every controller in only one part of an ASP.NET MVC site? 2009-05-25

    I've seen a great answer to a similar question which explains, by inheriting all controllers from a new base class decorated with your own ActionFilter attribute, how you could apply some logic to all requests to your site. I'd like to find a way to

  • Multiple actions on the same controller and view in asp.net MVC 2009-08-31

    How do I use multiple actions on the same controller? I'm using the default project that comes up when opening a new project in asp.net mvc. I added one more Index action on the homecontroller to accept a value from a textbox...like this string strTe

  • How to get all action names from a controller 2009-10-28

    How could I write code to get all the action names from a controller in asp.net MVC? I want to automatically list all the action names from a controller. Does anyone know how to do this? Many thanks. --------------Solutions------------- There's no ge

  • ZEND Controllers - How to call an action from a different controller 2009-12-05

    I want to display a page that has 2 forms. The top form is unique to this page, but the bottom form can already be rendered from a different controller. I'm using the following code to call the action of the other form but keep getting this error: "M

  • Zend Studio: How do you add a new action to an existing controller via the IDE? 2010-02-01

    If you simply add the code it doesn't do the automatic action wireup in the .zfproject.xml file. Does the IDE support a way to add additional Actions to an existing controller without manually using the command line tool? Adding the following informa

  • RenderAction not finding action method in current controller in current area 2010-03-15

    I'm creating an ASP.NET MVC 2 (RTM) project that uses areas. The Index action of the Home controller of one area needs to use RenderAction to generate a sub-section of the page. The action called is also defined in the same Home controller. So the ca

  • Reading out all actions in a Grails-Controller 2010-06-02

    i need to read out all available actions from any controller in my web-app. The reason for this is an authorization system where i need to give users a list of allowed actions. E.g.: User xyz has the authorization for executing the actions show, list

Copyright (C) pcaskme.com, All Rights Reserved.

processed in 0.412 (s). 13 q(s)